Security software architectures, such as for example, anti-malware systems, often involve the use of protected memory views that have additional privileges and control capabilities over the computing platform relative to other memory views. A memory view is a domain within a shared address space that is associated with a certain level of protection. In a virtual machine (VM) environment, for example where VM guests are hosted on a platform by a virtual machine monitor (VMM), view switching may typically be accomplished by the VMM, which manages and updates page tables used to map or translate guest physical memory addresses to host physical memory addresses. Transitions between untrusted views and protected views must be securely controlled, however, to prevent untrusted views from inducing unintended control flows within the protected views. For example, an untrusted view should not be able to directly invoke a routine within the protected view that grants the untrusted view access to sensitive or confidential data within the protected view. This secure control of view switching, however, tends to be computationally expensive and may decrease the overall efficiency of the system.
Although the following Detailed Description will proceed with reference being made to illustrative embodiments, many alternatives, modifications, and variations thereof will be apparent to those skilled in the art.